我可以访问我的令牌并将其添加到RestSharp RestClient
//Create rest client.
IRestClient client = new RestClient("https://localhost.fiddler:44300");
var webClientCertificate = GetWebClientCertificate();
//Don't ask why... I'm getting an abiguous ref here.
client.ClientCertificates = new System.Security.Cryptography.X509Certificates.X509Certificate2Collection(){webClientCertificate};
IRestRequest request = new RestRequest("api/get-secure-data", Method.GET);
var response = client.Execute(request);
GetWebClientCertificate:
public X509Certificate2 GetWebClientCertificate()
{
//Access certificate store
X509Store certificateStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
certificateStore.Open(OpenFlags.ReadOnly);
var certificateCollection = certificateStore.Certificates.Find(X509FindType.FindBySubjectName, "web-client",false);
var webClientCertificate = certificateCollection[0];
certificateStore.Close();
return webClientCertificate;
}
我获得了证书,我可以看到它已添加到客户端。
服务器代码
[HttpGet]
[Route("api/get-secure-data")]
[RequireHttps]
public IHttpActionResult GetSecureData()
{
try
{
X509Certificate2 cert = Request.GetClientCertificate(); //returns null
PublicKey clientKey = cert.PublicKey;
return Ok(clientKey);
}
catch (Exception exception)
{
return InternalServerError(exception);
}
}
fiddler没有显示auth标题,我缺少什么?
答案 0 :(得分:0)
首先,您只需要设置证书本身,集合已经存在,其次,您无法在使用证书进行签名或身份验证(加密)时关闭存储,因为您与上下文断开连接。